1. Field of the Invention
The present invention relates generally to `smart cards` containing integrated circuit (IC) microprocessors, more particularly to operating systems for such intended to enable multiple applications and most specifically to such systems intended to enable access to particular applications by use of a selected `custom` command while denying access to any of the other applications encompassed.
2. General Background
The use of IC microprocessors embedded in a plastic card similar dimensionally to conventional credit cards, which are characterized by the capability of magnetically storing information, has more recently emerged as a valuable product for facilitating financial services primarily. Cards with an IC microprocessor embedded inside and with external contacts for communication with an interface device are known commonly as smart cards or IC cards. The microprocessor utilized possesses the ability to hold an operating program and other information in volatile memory alterable by a CPU (Central Processing Unit) which possesses `hard-wired` control circuitry. The CPU and the various types of memory together comprising the microprocessor may all be contained by a single IC `chip`.
Smart cards possess the capability of modifying data stored in memory in response to communication with an interface device. Smart cards also, in contrast to conventional cards which store information magnetically, require an electrical energy supply which is typically provided by an external interface device. In order to safeguard against unauthorized use of a smart card a `custom command` or code, created or selected by the owner, is required to access the operating program. This practice is considered to resemble closely that utilized to prevent unauthorized use of conventional ATM (Automatic Teller Machine) access cards wherein a numeric code is entered into an ATM after the magnetically stored information on the card is read by the machine in order to verify authorized access.
ATMs dispense paper currency and deduct a corresponding amount from a financial account held by the user, and also make information available regarding financial accounts, typically by printing the information requested upon a slip of paper dispensed from the machine. Other, more sophisticated, ATMs are known which enable transactions between accounts and which provide information upon a display screen, for example, however, a record of any information, including that for any transaction conducted with the machine, cannot be made upon a conventional ATM card while such records can be created and maintained within a smart card.
Current smart card technology includes the capability of multiple application use and the ability to enter into non-volatile memory a custom command chosen by the user. However, these cards either have a fixed operating system which does not include the ability to enter into non-volatile memory any custom command or the custom commands are public to all applications. Current smart card hardware design does not ensure restriction of each custom command to a particular application. Any application may be accessed by any custom command. furthermore, each custom command may bypass security control and dump or otherwise alter all volatile memory upon the card.